mirror of https://github.com/zulip/zulip.git
csrf_failure: Update error page.
Switches from Django's default error page to Zulip standard error template. Also updates template for 405 error code to not use the 404 art. Fixes #25626.
This commit is contained in:
parent
c58c12911c
commit
0a626f5e3c
|
@ -13,11 +13,7 @@
|
||||||
<img src="{{ static('images/errors/400art.svg') }}" alt=""/>
|
<img src="{{ static('images/errors/400art.svg') }}" alt=""/>
|
||||||
<div class="errorbox">
|
<div class="errorbox">
|
||||||
<div class="errorcontent">
|
<div class="errorcontent">
|
||||||
{% if status_code == 405 %}
|
|
||||||
<h1 class="lead">{{ _("Method not allowed (405)") }}</h1>
|
|
||||||
{% else %}
|
|
||||||
<h1 class="lead">{{ _("Page not found (404)") }}</h1>
|
<h1 class="lead">{{ _("Page not found (404)") }}</h1>
|
||||||
{% endif %}
|
|
||||||
<p>
|
<p>
|
||||||
{% trans %}
|
{% trans %}
|
||||||
If this error is unexpected, you can
|
If this error is unexpected, you can
|
||||||
|
|
|
@ -0,0 +1,53 @@
|
||||||
|
{% extends "zerver/portico.html" %}
|
||||||
|
|
||||||
|
{% block title %}
|
||||||
|
<title>{{ _("Error") }} | Zulip</title>
|
||||||
|
{% endblock %}
|
||||||
|
|
||||||
|
{% block portico_class_name %}error{% endblock %}
|
||||||
|
|
||||||
|
{% block portico_content %}
|
||||||
|
<div class="error_page">
|
||||||
|
<div class="container">
|
||||||
|
<div class="row-fluid">
|
||||||
|
<div class="errorbox">
|
||||||
|
<div class="errorcontent">
|
||||||
|
{% if csrf_failure %}
|
||||||
|
<h1 class="lead">{{ _("Access forbidden (403)") }}</h1>
|
||||||
|
<p>
|
||||||
|
{% trans %}
|
||||||
|
Your request could not be completed because your
|
||||||
|
browser did not send the credentials required to authenticate
|
||||||
|
your access. To resolve this issue:
|
||||||
|
{% endtrans %}
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<ol>
|
||||||
|
<li>
|
||||||
|
{% trans %}
|
||||||
|
Make sure that your browser allows cookies for this site.
|
||||||
|
{% endtrans %}
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
{% trans %}
|
||||||
|
Check for any browser privacy settings or extensions
|
||||||
|
that block Referer headers, and disable them for
|
||||||
|
this site.
|
||||||
|
{% endtrans %}
|
||||||
|
</li>
|
||||||
|
</ol>
|
||||||
|
{% elif status_code == 405 %}
|
||||||
|
<h1 class="lead">{{ _("Method not allowed (405)") }}</h1>
|
||||||
|
<p>
|
||||||
|
{% trans %}
|
||||||
|
If this error is unexpected, you can
|
||||||
|
<a href="mailto:{{ support_email }}">contact support</a>.
|
||||||
|
{% endtrans %}
|
||||||
|
</p>
|
||||||
|
{% endif %}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
{% endblock %}
|
|
@ -123,7 +123,7 @@ def require_post(
|
||||||
return json_method_not_allowed(["POST"])
|
return json_method_not_allowed(["POST"])
|
||||||
else:
|
else:
|
||||||
return TemplateResponse(
|
return TemplateResponse(
|
||||||
request, "404.html", context={"status_code": 405}, status=405
|
request, "4xx.html", context={"status_code": 405}, status=405
|
||||||
)
|
)
|
||||||
return func(request, *args, **kwargs)
|
return func(request, *args, **kwargs)
|
||||||
|
|
||||||
|
|
|
@ -19,7 +19,6 @@ from django.utils.crypto import constant_time_compare
|
||||||
from django.utils.deprecation import MiddlewareMixin
|
from django.utils.deprecation import MiddlewareMixin
|
||||||
from django.utils.log import log_response
|
from django.utils.log import log_response
|
||||||
from django.utils.translation import gettext as _
|
from django.utils.translation import gettext as _
|
||||||
from django.views.csrf import csrf_failure as html_csrf_failure
|
|
||||||
from django_scim.middleware import SCIMAuthCheckMiddleware
|
from django_scim.middleware import SCIMAuthCheckMiddleware
|
||||||
from django_scim.settings import scim_settings
|
from django_scim.settings import scim_settings
|
||||||
from sentry_sdk import set_tag
|
from sentry_sdk import set_tag
|
||||||
|
@ -454,7 +453,7 @@ def csrf_failure(request: HttpRequest, reason: str = "") -> HttpResponse:
|
||||||
if RequestNotes.get_notes(request).error_format == "JSON":
|
if RequestNotes.get_notes(request).error_format == "JSON":
|
||||||
return json_response_from_error(CsrfFailureError(reason))
|
return json_response_from_error(CsrfFailureError(reason))
|
||||||
else:
|
else:
|
||||||
return html_csrf_failure(request, reason)
|
return render(request, "4xx.html", context={"csrf_failure": True}, status=403)
|
||||||
|
|
||||||
|
|
||||||
class LocaleMiddleware(DjangoLocaleMiddleware):
|
class LocaleMiddleware(DjangoLocaleMiddleware):
|
||||||
|
|
Loading…
Reference in New Issue